﻿<!--#include file="../base.asp"-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>验证登录中--普通话网络课程</title>
</head>
<body>
<%
dim username,passwd,safecode,from,location,rs,strSQL,strURL,IsRealUser
username=request.Form("username")
passwd=request.Form("passwd")
location=request.Form("location")
safecode=request.Form("SafeCode")
from=request.QueryString("from")
if location="foot" then
	location=2
else location=1
end if
%>
<%
if from="login.asp" then
	strSQL="from [user] where userNum='"&username&"' and userPwd='"&passwd&"' and [delete]=0"
	IsRealUser=IsExistRecordset(strSQL)
	if IsRealUser then 
		if safecode=Session("SafeCode") then
			'获取用户身份，管理模式
			strSQL="select * "&strSQL
			set rs=GetRecordset(strSQL,0)
			strURL=rs("userIdentityID")
			setCookies username,passwd,strURL
			if rs("userMI")=False then
				showMsg "登录成功！",location,"../users"
			else				
				rs.close
				set rs=nothing
				strSQL="select * from [identity] where identityID="&strURL&" and [delete]=0"
				set rs=GetRecordset(strSQL,0)
				'限定用户身份名
				strSQL=rs("identityName")
				select case strSQL
					case "superadmin":
						strURL="admin"
					case "admin":
						strURL="info"
					case "teacher":
						strURL="comm"
					case "student":
						strURL="comm"
					case else
						showMsg "您的登录是非法的！跳转中...",1,"../"
				end select
				rs.close
				set rs=nothing
				showMsg "登录成功！",location,strURL
			end if
		else showMsg "验证码不正确！",0,""
		end if
	else showMsg "用户名或密码不正确！",0,""
	end if
	CloseDatabase
else showMsg "您的登录是非法的！跳转中...",1,"../"
end if
%>
</body>
</html>